Lucene search
K

102 matches found

OSV
OSV
added 2022/09/26 1:6 p.m.7 views

SUSE-SU-2022:3391-1 Security update for mariadb

This update for mariadb fixes the following issues: Update to 10.5.17: - CVE-2022-32082: Fixed assertion failure at table-getrefcount == 0 in dict0dict.cc bsc1201162. - CVE-2022-32089: Fixed segmentation fault via the component stselectlexunit::excludelevel bsc1201169. - CVE-2022-32081: Fixed...

7.5CVSS6.4AI score0.02082EPSS
Exploits10References24
RedHat Linux
RedHat Linux
added 2022/09/01 2:21 p.m.2 views

mariadb: assertion failures in decimal_bin_size

A flaw was found in the MariaDB Server. It contains a global buffer overflow in the component, decimalbinsize, which is exploited via specially crafted SQL statements, impacting availability...

7.5CVSS7.5AI score0.02458EPSS
Exploits1References4
Mageia
Mageia
added 2022/08/29 5:7 a.m.85 views

Updated mariadb packages fix security vulnerability

zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches. CVE-2018-25032 A use-after-poison in prepareinplaceaddvirtual at /storage/innobase/handler/handler0alter.cc. CVE-2022-32081 An assertion failure at table-getrefcount == 0 in...

7.5CVSS4.8AI score0.52063EPSS
Exploits6References2
RedHat Linux
RedHat Linux
added 2022/08/02 10:9 a.m.4 views

mariadb: assertion failures in decimal_bin_size

A flaw was found in the MariaDB Server. It contains a global buffer overflow in the component, decimalbinsize, which is exploited via specially crafted SQL statements, impacting availability...

7.5CVSS7.5AI score0.02458EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/08/02 12:0 a.m.60 views

RHEL 8 : mariadb:10.5 (RHSA-2022:5826)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5826 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded ...

7.8CVSS7.3AI score0.02458EPSS
Exploits29References80
Github Security Blog
Github Security Blog
added 2022/02/09 11:39 p.m.65 views

Integer overflows in Tensorflow

Impact The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial of service: python import tensorflow as tf import...

6.5CVSS3AI score0.01097EPSS
Exploits1References9Affected Software3
OSV
OSV
added 2022/02/03 1:15 p.m.20 views

PYSEC-2022-78

Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...

6.5CVSS2.7AI score0.00458EPSS
Exploits0References2
Prion
Prion
added 2022/02/03 1:15 p.m.25 views

Stack overflow

Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...

4CVSS6.5AI score0.00458EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/02/03 1:15 p.m.6 views

PYSEC-2022-133

Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...

6.5CVSS6.6AI score0.00458EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2022/02/03 12:47 p.m.2 views

CVE-2022-23569

Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...

6.5CVSS7AI score0.00458EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/02/03 12:47 p.m.9 views

CVE-2022-23569 `CHECK`-fails when building invalid tensor shapes in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via CHECK-fails i.e., assertion failures. This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. I...

6.5CVSS6.4AI score0.00458EPSS
Exploits0References2
CVE
CVE
added 2022/02/03 12:47 p.m.115 views

CVE-2022-23569

TensorFlow/CVE-2022-23569: Denial‑of‑service via CHECK‑fails (assertion failures) across multiple ops in TensorFlow/TFLite, caused by invalid tensor shapes and related checks. Root cause: assertion failures in core paths; fixes released as patches implemented in GitHub commits. Remediation: upgra...

6.5CVSS6.5AI score0.00458EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/02/03 12:15 p.m.10 views

PYSEC-2022-131

Tensorflow is an Open Source Machine Learning Framework. The implementations of SparseCwise ops are vulnerable to integer overflows. These can be used to trigger large allocations so, OOM based denial of service or CHECK-fails when building new TensorShape objects so, assert failures based denial...

6.5CVSS6.6AI score0.01097EPSS
Exploits1References5
Redos
Redos
added 2021/12/24 12:0 a.m.7 views

ROS-2-1974

2.1974 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.7AI score0.82367EPSS
Exploits0
CNNVD
CNNVD
added 2021/10/19 12:0 a.m.5 views

Zephyr 安全漏洞

Zephyr is an open source, small, scalable, real-time operating system. a security vulnerability exists in Zephyr, which stems from truncated L2CAP K-frames causing assertion failures. No detailed vulnerability details are available at this time...

7.5CVSS5.5AI score0.0093EPSS
Exploits0References2
Redos
Redos
added 2021/09/08 12:0 a.m.45 views

ROS-2-472

2.472 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

8.6AI score0.82367EPSS
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.29 views

ROS-2-582

2.582 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.3AI score0.82367EPSS
Exploits1
Redos
Redos
added 2021/09/08 12:0 a.m.20 views

ROS-2-983

2.983 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.6AI score0.82367EPSS
Exploits15
Redos
Redos
added 2021/09/08 12:0 a.m.11 views

ROS-2-1247

2.1247 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...

9.8CVSS8.6AI score0.82367EPSS
Exploits0
CNNVD
CNNVD
added 2021/08/18 12:0 a.m.6 views

Live555 安全漏洞

Live555 is a cross-platform C++ open source project that provides a solution for streaming media and implements support for standard streaming media transport protocols such as RTP/RTCP, RTSP, SIP, and others. A security vulnerability exists in Live555, which stems from liveMedia/FramedSource.cpp...

5.5CVSS6.1AI score0.00865EPSS
Exploits1References2
Rows per page
Query Builder